From: Renaud Métrich <1163635+rmetrich@users.noreply.github.com> Date: Wed, 20 May 2026 23:02:33 +0000 (+0000) Subject: Fix parsing of legacy url_rewrite_program responses (#2420) X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bb854bb95ae22bffb40c66b1fe3bb344f1563d7e;p=thirdparty%2Fsquid.git Fix parsing of legacy url_rewrite_program responses (#2420) Legacy helper responses start with a URL instead of `OK rewrite_url=...` and such. 2016 commit ddc77a2e introduced two bugs when handling legacy responses: * Response parsing code triggered MemBuf assertions when 0-terminating the parsing buffer for certain URLs. The bug affected legacy helper responses with and without space characters. * Squid code attempted to accept/use helper-returned URLs with embedded space character(s), despite a WARNING implying that the post-space characters are not going to become a part of the new URL. --- diff --git a/CONTRIBUTORS b/CONTRIBUTORS index 4509413cee..8e70676885 100644 --- a/CONTRIBUTORS +++ b/CONTRIBUTORS @@ -439,6 +439,7 @@ Thank you! Regents of the University of California (UCSD) Reinhard Posmyk Reinhard Sojka + Renaud Metrich Rene Geile Reuben Farrelly Ricardo Ferreira Ribeiro diff --git a/src/redirect.cc b/src/redirect.cc index 14a1027147..528fed105d 100644 --- a/src/redirect.cc +++ b/src/redirect.cc @@ -110,8 +110,9 @@ redirectHandleReply(void *data, const Helper::Reply &reply) // parse it into status=, url= and rewrite-url= keys if (replySize) { MemBuf replyBuffer; - replyBuffer.init(replySize, replySize); - replyBuffer.append(reply.other().content(), reply.other().contentSize()); + replyBuffer.init(replySize + 1, replySize + 1); // with space for 0-terminator added by append() + Assure(replySize <= size_t(reply.other().contentSize())); + replyBuffer.append(reply.other().content(), replySize); char * result = replyBuffer.content(); Helper::Reply newReply;